Re: [PATCH 0/2] x86/bugs: Break down mitigations configurations

From: Breno Leitao
Date: Fri Jun 16 2023 - 04:39:34 EST

Next message: Tian, Kevin: "RE: Question about reserved_regions w/ Intel IOMMU"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v9 3/3] dt-bindings: mtd: marvell-nand: Convert to YAML DT scheme"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 15, 2023 at 10:21:55AM -0700, Andi Kleen wrote:
> Breno Leitao <leitao@xxxxxxxxxx> writes:
>
> > There is no way to compile a kernel today with some of the speculative
> > mitigations disabled. Even if the kernel has
> > CONFIG_SPECULATION_MITIGATIONS=n, some Intel mitigations, such as MDS, TAA,
> > MMIO are still enabled and can only be disabled using a kernel parameter.
> >
> > This patchset creates a way to choose what to enable or disable, and,
> > get the mitigations disable if CONFIG_SPECULATION_MITIGATIONS is not
> > set, as the rest of other mitigations.
> >
> > Also, we want to print a warning message letting users know that these
> > mitigations are disabled.
> >
> > This is a follow up to this discussion: https://lkml.org/lkml/2023/6/12/798
> >
>
> Isn't this all roughly equivalent to CONFIG_CMDLINE="mitigations=..." ?

It is, indeed. But, the main motivation for this patchset it to solve a
consistency problem on our Kconfig. The user would image that all
speculative mitigations would be disabled if he passes
CONFIG_SPECULATION_MITIGATIONS=n, but that is not true. The user needs
something else, such as CONFIG_CMDLINE="mitigations=off" or "mds=off".

This patchset give more consistency to our Kconfig options, and the user
doesn't need to read between the lines.

Next message: Tian, Kevin: "RE: Question about reserved_regions w/ Intel IOMMU"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v9 3/3] dt-bindings: mtd: marvell-nand: Convert to YAML DT scheme"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]